Google Slide Records

• Machine Learning and Security

Reinforcement Learning

Introduction

Multi-agent reinforcement learning (MARL) algorithms gradually learn good (ideally optimal) strategies with respect to long-term goals through trial-and-error interactions with both the opponent and the unknown dynamic environment. 

The Stochastic Game (SG), together with MARL can address the environmental dynamics in security games in a systematic manner.

Reference

[1] A comprehensive survey of multi-agent reinforcement learning, by L. Busoniu, R. Babuska, and B. De Schutter, in IEEE Trans. Syst., Man, Cybern. C, 2008

[2] Improving Learning and Adaptation in Security Games by Exploiting Information Asymmetry, by Xiaofan He. Huaiyu Dai and Peng Ning, in INFOCOM 2015

Security Data Scientist Resources

Open Source Project

• http://www.mlsecproject.org/

[Video] Machine Learning and Big Data in Cyber Security

Source: Machine Learning and Big Data in Cyber Security Eyal Kolman Technion lecture
Speaker: by yal Kolman of RSA given at Technion-Israel Institute of Technoloy, Technion Computer Engineering summer school 2014

Summary:

• This video discusses about the challenging in applying machine learning to detect attacks. 
• It also introduces 3 case studies of how to use machine learning in the domain of security.

Challenges

• High cost of errors
• If the detection generates a lot of wrong alerts, then the detection is not useful.
• Data is not public
• Most of the security data are private
• Semantic gam
• Detection is not enough
• Evaluation difficulty
• There are few labels
• There are few attacks

Case Studies

• Detect inpersonation 
• based on users behavior
• locations
• Detect fraud in bank account
• Detect malicious domain
• Events with cookies
• Referral